1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved. 14 */ 15 16 #include <fcntl.h> 17 #include <strings.h> 18 #include <unistd.h> 19 #include <errno.h> 20 #include <stdio.h> 21 #include <stdlib.h> 22 23 #include "cryptotest.h" 24 25 struct crypto_op { 26 char *in; 27 char *out; 28 char *key; 29 char *param; 30 31 size_t inlen; 32 size_t outlen; 33 size_t keylen; 34 size_t paramlen; 35 size_t updatelen; 36 37 char *mechname; 38 39 /* internal */ 40 crypto_mech_type_t mech; 41 crypto_session_id_t hsession; 42 crypto_func_group_t fg; 43 }; 44 45 static int fd; 46 static const char CRYPTO_DEVICE[] = "/dev/crypto"; 47 48 int 49 kcf_do_ioctl(int opcode, uint_t *arg, char *opstr) 50 { 51 int ret; 52 53 while ((ret = ioctl(fd, opcode, arg)) < 0) { 54 if (errno != EINTR) 55 break; 56 } 57 58 if (ret < 0 || *arg != CRYPTO_SUCCESS) 59 (void) fprintf(stderr, "%s: Error = %d %d 0x%02x\n", 60 (opstr == NULL) ? "ioctl" : opstr, 61 ret, errno, *arg); 62 63 if (ret < 0) 64 return (errno); 65 66 return (*arg); 67 } 68 69 crypto_op_t * 70 cryptotest_init(cryptotest_t *arg, crypto_func_group_t fg) 71 { 72 crypto_op_t *op = malloc(sizeof (*op)); 73 74 if (op == NULL) 75 return (NULL); 76 77 while ((fd = open(CRYPTO_DEVICE, O_RDWR)) < 0) { 78 if (errno != EINTR) 79 return (NULL); 80 } 81 82 op->in = (char *)arg->in; 83 op->out = (char *)arg->out; 84 op->key = (char *)arg->key; 85 op->param = (char *)arg->param; 86 87 op->inlen = arg->inlen; 88 op->outlen = arg->outlen; 89 op->keylen = arg->keylen * 8; /* kcf uses keylen in bits */ 90 op->paramlen = arg->plen; 91 op->updatelen = arg->updatelen; 92 93 op->mechname = arg->mechname; 94 95 op->hsession = CRYPTO_INVALID_SESSION; 96 op->fg = fg; 97 98 if (op->out == NULL) 99 op->outlen = op->inlen; 100 return (op); 101 } 102 103 int 104 cryptotest_close_session(crypto_session_id_t session) 105 { 106 crypto_close_session_t cs; 107 108 cs.cs_session = session; 109 return (kcf_do_ioctl(CRYPTO_CLOSE_SESSION, (uint_t *)&cs, "session")); 110 } 111 112 int 113 cryptotest_close(crypto_op_t *op) 114 { 115 if (op->hsession != CRYPTO_INVALID_SESSION) 116 (void) cryptotest_close_session(op->hsession); 117 free(op); 118 if (fd >= 0) 119 return (close(fd)); 120 return (0); 121 } 122 123 int 124 get_mech_info(crypto_op_t *op) 125 { 126 crypto_get_mechanism_number_t get_number; 127 128 bzero(&get_number, sizeof (get_number)); 129 130 get_number.pn_mechanism_string = op->mechname; 131 get_number.pn_mechanism_len = strlen(op->mechname) + 1; 132 133 if (kcf_do_ioctl(CRYPTO_GET_MECHANISM_NUMBER, 134 (uint_t *)&get_number, "get_mech_info") != CRYPTO_SUCCESS) { 135 (void) fprintf(stderr, "failed to resolve mechanism name %s\n", 136 op->mechname); 137 (void) cryptotest_close(op); 138 return (CTEST_NAME_RESOLVE_FAILED); 139 } 140 op->mech = get_number.pn_internal_number; 141 return (CRYPTO_SUCCESS); 142 } 143 144 int 145 get_hsession_by_mech(crypto_op_t *op) 146 { 147 crypto_by_mech_t mech; 148 int rv; 149 150 mech.mech_keylen = op->keylen; 151 mech.mech_type = op->mech; 152 mech.mech_fg = op->fg; 153 154 rv = kcf_do_ioctl(CRYPTO_GET_PROVIDER_BY_MECH, (uint_t *)&mech, 155 "get_hsession_by_mech"); 156 157 if (rv != 0 || mech.rv != CRYPTO_SUCCESS) { 158 (void) fprintf(stderr, 159 "could not find provider for mechanism %llu\n", 160 mech.mech_type); 161 (void) cryptotest_close(op); 162 return (CTEST_MECH_NO_PROVIDER); 163 } 164 165 op->hsession = mech.session_id; 166 167 return (CRYPTO_SUCCESS); 168 } 169 170 /* 171 * CRYPTO_MAC_* functions 172 */ 173 int 174 mac_init(crypto_op_t *op) 175 { 176 crypto_mac_init_t init; 177 178 bzero((void *)&init, sizeof (init)); 179 180 init.mi_session = op->hsession; 181 182 init.mi_key.ck_data = op->key; 183 init.mi_key.ck_format = CRYPTO_KEY_RAW; /* must be this */ 184 init.mi_key.ck_length = op->keylen; 185 186 init.mi_mech.cm_type = op->mech; 187 init.mi_mech.cm_param = NULL; 188 init.mi_mech.cm_param_len = 0; 189 190 return (kcf_do_ioctl(CRYPTO_MAC_INIT, (uint_t *)&init, "init")); 191 } 192 193 int 194 mac_single(crypto_op_t *op) 195 { 196 crypto_mac_t mac; 197 198 bzero(&mac, sizeof (mac)); 199 mac.cm_session = op->hsession; 200 mac.cm_datalen = op->inlen; 201 mac.cm_databuf = op->in; 202 mac.cm_maclen = op->outlen; 203 mac.cm_macbuf = op->out; 204 205 return (kcf_do_ioctl(CRYPTO_MAC, (uint_t *)&mac, "single")); 206 } 207 208 int 209 mac_update(crypto_op_t *op, int offset) 210 { 211 crypto_mac_update_t update; 212 213 bzero((void *)&update, sizeof (update)); 214 215 update.mu_session = op->hsession; 216 update.mu_databuf = op->in + offset; 217 update.mu_datalen = op->updatelen; 218 219 return (kcf_do_ioctl(CRYPTO_MAC_UPDATE, (uint_t *)&update, "update")); 220 } 221 222 int 223 mac_final(crypto_op_t *op) 224 { 225 crypto_mac_final_t final; 226 227 bzero((void *)&final, sizeof (final)); 228 229 final.mf_session = op->hsession; 230 final.mf_maclen = op->outlen; 231 final.mf_macbuf = op->out; 232 233 return (kcf_do_ioctl(CRYPTO_MAC_FINAL, (uint_t *)&final, "final")); 234 } 235 236 237 /* 238 * CRYPTO_ENCRYPT_* functions 239 */ 240 241 int 242 encrypt_init(crypto_op_t *op) 243 { 244 crypto_encrypt_init_t init; 245 246 bzero((void *)&init, sizeof (init)); 247 248 init.ei_session = op->hsession; 249 250 init.ei_key.ck_data = op->key; 251 init.ei_key.ck_format = CRYPTO_KEY_RAW; /* must be this */ 252 init.ei_key.ck_length = op->keylen; 253 254 init.ei_mech.cm_type = op->mech; 255 init.ei_mech.cm_param = op->param; 256 init.ei_mech.cm_param_len = op->paramlen; 257 258 return (kcf_do_ioctl(CRYPTO_ENCRYPT_INIT, (uint_t *)&init, "init")); 259 } 260 261 int 262 encrypt_single(crypto_op_t *op) 263 { 264 crypto_encrypt_t encrypt; 265 266 bzero(&encrypt, sizeof (encrypt)); 267 encrypt.ce_session = op->hsession; 268 encrypt.ce_datalen = op->inlen; 269 encrypt.ce_databuf = op->in; 270 encrypt.ce_encrlen = op->outlen; 271 encrypt.ce_encrbuf = op->out; 272 273 return (kcf_do_ioctl(CRYPTO_ENCRYPT, (uint_t *)&encrypt, "single")); 274 } 275 276 int 277 encrypt_update(crypto_op_t *op, int offset, size_t *encrlen) 278 { 279 crypto_encrypt_update_t update; 280 int ret; 281 bzero((void *)&update, sizeof (update)); 282 283 update.eu_session = op->hsession; 284 update.eu_databuf = op->in + offset; 285 update.eu_datalen = op->updatelen; 286 update.eu_encrlen = op->outlen - *encrlen; 287 update.eu_encrbuf = op->out + *encrlen; 288 289 ret = kcf_do_ioctl(CRYPTO_ENCRYPT_UPDATE, (uint_t *)&update, "update"); 290 *encrlen += update.eu_encrlen; 291 return (ret); 292 } 293 294 int 295 encrypt_final(crypto_op_t *op, size_t encrlen) 296 { 297 crypto_encrypt_final_t final; 298 299 bzero((void *)&final, sizeof (final)); 300 301 final.ef_session = op->hsession; 302 final.ef_encrlen = op->outlen - encrlen; 303 final.ef_encrbuf = op->out + encrlen; 304 305 return (kcf_do_ioctl(CRYPTO_ENCRYPT_FINAL, (uint_t *)&final, "final")); 306 } 307 308 /* 309 * CRYPTO_DECRYPT_* functions 310 */ 311 312 int 313 decrypt_init(crypto_op_t *op) 314 { 315 crypto_decrypt_init_t init; 316 317 bzero((void *)&init, sizeof (init)); 318 319 init.di_session = op->hsession; 320 321 init.di_key.ck_data = op->key; 322 init.di_key.ck_format = CRYPTO_KEY_RAW; /* must be this */ 323 init.di_key.ck_length = op->keylen; 324 325 init.di_mech.cm_type = op->mech; 326 init.di_mech.cm_param = op->param; 327 init.di_mech.cm_param_len = op->paramlen; 328 329 return (kcf_do_ioctl(CRYPTO_DECRYPT_INIT, (uint_t *)&init, "init")); 330 } 331 332 int 333 decrypt_single(crypto_op_t *op) 334 { 335 crypto_decrypt_t decrypt; 336 337 bzero(&decrypt, sizeof (decrypt)); 338 decrypt.cd_session = op->hsession; 339 decrypt.cd_datalen = op->outlen; 340 decrypt.cd_databuf = op->out; 341 decrypt.cd_encrlen = op->inlen; 342 decrypt.cd_encrbuf = op->in; 343 344 return (kcf_do_ioctl(CRYPTO_DECRYPT, (uint_t *)&decrypt, "single")); 345 } 346 347 int 348 decrypt_update(crypto_op_t *op, int offset, size_t *encrlen) 349 { 350 crypto_decrypt_update_t update; 351 int ret; 352 353 bzero((void *)&update, sizeof (update)); 354 355 update.du_session = op->hsession; 356 update.du_databuf = op->out + *encrlen; 357 update.du_datalen = op->outlen - *encrlen; 358 update.du_encrlen = op->updatelen; 359 update.du_encrbuf = op->in + offset; 360 361 ret = kcf_do_ioctl(CRYPTO_DECRYPT_UPDATE, (uint_t *)&update, "update"); 362 *encrlen += update.du_datalen; 363 return (ret); 364 } 365 366 int 367 decrypt_final(crypto_op_t *op, size_t encrlen) 368 { 369 crypto_decrypt_final_t final; 370 371 bzero((void *)&final, sizeof (final)); 372 373 final.df_session = op->hsession; 374 final.df_datalen = op->outlen - encrlen; 375 final.df_databuf = op->out + encrlen; 376 377 return (kcf_do_ioctl(CRYPTO_DECRYPT_FINAL, (uint_t *)&final, "final")); 378 } 379